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DETAILED ACTION 

1 . Claims 1 -7 and 1 0-1 9 are pending in this office action. 

Continued Examination Under 37 CFR 1.114 

2. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on January 
25, 2008, has been entered. 

3. Applicant's arguments, filed January 25, 2008, have been fully considered but 
they are not persuasive. 

Claim Rejections 

4. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 



Claim Rejections - 35 USC § 103 
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5. Claims 1-7 and 10-15 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Menezes et al. (Handbook of Applied Cryptography, 1997, section 13.3.1, pages 
551-553) in view of Weiant, Jr. etal. (U.S. Patent No. 6,044,350). 

Regarding claim 1 , Menezes et al. teaches an asymmetric cryptographic 
processing system using a multiple key hierarchy, the asymmetric cryptographic 
processing system comprising: 

• A first key for performing asymmetric operations at a first rate, wherein each 
operation requires a first cryptographic processing time (page 552, step 3, data 
keys, provide cryptographic operations on user data, tend to be short-term keys); 
and 

• A second key for performing an asymmetric cryptographic processing operation 
to update the first key (page 552, step 2, key-encrypting keys), wherein the 
second key is used for cryptographic processing operations for the first key at a 
second rate that is less often than the first rate (page 552, step 2, key-encrypting 
keys, the key-encrypting keys are used less often than the keys that they 
encrypt). 



Menezes et al. does not specifically teach the second key requires a second 
cryptographic processing time greater than the first cryptographic processing time. 
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Weiant, Jr. et al. teaches the second key requires a second cryptographic 
processing time greater than the first cryptographic processing time (fig. 3). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine the second key requiring more processing time than 
the first key, as taught by Weiant, Jr. et al. . with the method/medium of Menezes et al. 
It would have been obvious for such modifications because longer length keys take 
more time to process, in order to provide more security, with a tradeoff that the key does 
not have to be replaced as often. 

Regarding claims 2-5 , Menezes et al. as modified by Weiant, Jr. et al. teaches 
wherein the system is used to cryptographically process and transfer digital 
[voice/audio/video] data in a network (see col. 3, lines 32-38 of Weiant, Jr. et al.). 

Regarding claim 6 , Menezes et al. as modified by Weiant, Jr. et al. teaches 
wherein the second key is hard coded into the system at the time of manufacturing the 
system (see page 551 , section 13.3.1 , step 1 of Menezes et al.). 

Regarding claim 7 , Menezes et al. as modified by Weiant, Jr. et al. teaches 
wherein a plurality of digital cryptographic processing systems are coupled by a 
telecommunications system, wherein the second key is distributed to two or more of the 
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asymmetric cryptographic processing systems via the telecommunications system (see 
fig. 2 of Weiant, Jr. et al.). 

Regarding claim 10 , Menezes et al. as modified by Weiant, Jr. et al. teaches a 
method for providing secure data transactions in a telecommunications system, wherein 
a digital processing device receives information from the telecommunications system 
(see fig. 2, ref. num 234 of Weiant, Jr. et al.), wherein the digital processing device uses 
a first asymmetrical cryptographically processed key to perform an asymmetric 
cryptographic processing operation to decode the information wherein the cryptographic 
processing operation is at a first level of complexity requiring a first amount of resources 
by the processing device (see page 552, step 3, data keys of Menezes et al.), wherein 
the cryptographic processing operation is performed at a first rate of cryptographic 
processing operations per unit time (see page 552, step 3, data keys of Menezes et al., 
provide cryptographic operations on user data, tend to be short-term keys), the method 
comprising: 

• Transferring a second asymmetrical cryptographically processed key to the 
digital processing device, wherein the second asymmetrical cryptographically 
processed key is used in an asymmetric cryptographic processing operation at a 
second level of complexity requiring a second amount of resources by the 
processing device that is higher than the first amount of resources (see page 
552, step 3, data keys of Menezes et al., the data keys are used, perhaps for 
every type of data they encrypt); 



Application/Control Number: 10/049,812 Page 6 

Art Unit: 2136 

• Updating the first asymmetrical cryptographically processed key from time-to- 
time (see page 552, step 3 of Menezes et al.), wherein the updating of the first 
asymmetrical cryptographically processed key occurs at a second rate of 
cryptographic processing operations per unit time that is less than the first rate of 
cryptographic processing operations per unit time (see fig. 3, key B of Weiant, Jr. 
et al.), wherein the updating includes the following substeps: 

o Encoding a substitute first asymmetrical cryptographically processed key 
with a second key, so that the resulting cryptographically processed 
substitute first asymmetrical cryptographically processed key is decodable 
by the second asymmetrical cryptographically processed key (see page 
552, paragraph below step 3 of Menezes et al., keys at one layer are used 
to protect items at a lower level); and 
o Transferring the substitute first asymmetrical cryptographically processed 
key to the digital processing device so that the substitute first 
asymmetrical cryptographically processed key is used in subsequent 
cryptographic processing operations by the digital processing device (see 
fig. 2, ref. num 234 of Weiant, Jr. et al.). 



Regarding claim 1 1 , Menezes et al. as modified by Weiant, Jr. et al. teaches 
further comprising: 

• Transferring a third asymmetrical cryptographically processed key to the digital 
processing device (see page 551 , section 13.3.1 , step 1 , master key of Menezes 
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et al.), wherein the third asymmetrical cryptographically processed key is used in 
an asymmetric cryptographic processing operation at a third level of complexity 
requiring a third amount of resources by the processing device that is higher than 
the second amount of resources (see page 551 , section 13.3.1 , step 1 of 
Menezes et al. and fig. 3, key C of Weiant, Jr. et al.); 
• Updating the second asymmetrical cryptographically processed key from time-to- 
time (see page 552, step 2 of Menezes et al.), wherein the updating of the 
second asymmetrical cryptographically processed key occurs at a third rate of 
cryptographic processing operations per unit time that is less than the second 
rate of cryptographic processing operations per unit time (see fig. 3, key C of 
Weiant, Jr. et al.), wherein the updating includes the following substeps: 

o Encoding a substitute second asymmetrical cryptographically processed 
key with a third asymmetrical cryptographically processed key, so that the 
resulting cryptographically processed substitute second asymmetrical 
cryptographically processed key is capable of being cryptographically 
processed by the third asymmetrical cryptographically processed key (see 
page 552, paragraph below step 3 of Menezes et al., keys at one layer are 
used to protect items at a lower level); and 
o Transferring the substitute second asymmetrical cryptographically 
processed key to the digital processing device so that the substitute 
second asymmetrical cryptographically processed key is used in 
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subsequent cryptographic processing operations by the digital processing 
device (see fig. 2, ref. num 234 of Weiant, Jr. et al.). 

Regarding claims 12-15 , the examiner takes Official Notice that the resources 
include [processing time/transistor density on an IC/memory capacity/data bandwidth] 
because these resources are well-known tradeoffs of resource intensive actions as 
cryptography. 

Claims 16-19 rejected under 35 U.S.C. 103(a) as being unpatentable over Van 
Oorschot et al. (U.S. Patent No. 5,850,443) in view of Davis (U.S. Patent No. 
5,796,840). 

Regarding claim 16 , Van Oorschot et al. teaches a method of updating a 
cryptographic key used for decrypting distributed data, the method comprising: 

• Generating a first key for decrypting the distributed data, the first key of a first 
length (col. 6, lines 25-29); 

• Encrypting the first key with a second key, the second key of a second length, 
wherein the second length is longer than the first length (col. 6, lines 29-31); and 

• Distributing the encrypted first key (fig. 1 and col. 6, lines 31-33). 



Van Oorschot et al. does not teach wherein the first key updates the 
cryptographic key; and wherein the cryptographic key, the first key, and the 
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second key encrypt and decrypt data using a similar class of algorithm to encrypt 
and decrypt data. 

Davis teaches wherein the first key updates the cryptographic key (col. 6, 
lines 7-27); and wherein the cryptographic key, the first key, and the second key 
encrypt and decrypt data using a similar class of algorithm to encrypt and 
decrypt data (fig. 7, all use asymmetric key for encryption and decryption). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine updating the cryptographic key with the first key and all 
keys are from a similar class of algorithm, as taught by Davis , with the method of Van 
Oorschot et al. It would have been obvious for such modifications because the systems 
involved would only have to be programmed to handle one type of cryptographic 
algorithm. 

Regarding claim 17 , Van Oorschot et al. as modified by Davis teaches further 
comprising distributing data encrypted with the first key (see fig. 2 of Van Oorschot et 
al.). 

Regarding claim 18 . Van Oorschot et al. as modified by Davis teaches further 
comprising: 
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• Generating a third key to replace the first key, the third key of a third length, 
wherein the third length is shorter than the second length (see col. 6, lines 46-49 
of Van Oorschot et al.); 

• Encrypting the third key with the second key (see col. 6, lines 43-46 of Van 
Oorschot et al.); and 

• Distributing the encrypted third key (see fig. 3 of Van Oorschot et al.). 

Regarding claim 19 , Van Oorschot et al. as modified by Davis teaches further 
comprising distributing data encrypted with the third key (see fig. 4 of Van Oorschot et 
al.). 

Response to Arguments 

6. Applicant argues Menezes teaches a hybrid layering system that uses both 
symmetric and asymmetric cryptographic processing (page 8, last paragraph through 
page 9, second paragraph). 

Regarding applicant's argument, examiner disagrees with applicant. Menezes 
teaches that the key-encrypting keys are for transport or storage of keys, sometimes 
referred to as key-transport keys; key-transport key, by definition, are asymmetric keys. 
The data keys, as admitted by applicant, can by asymmetric, and perform operations on 
the key-encrypting keys. Therefore, two sets of keys, key-encrypting and data, are both 
asymmetric keys as required by the claim. As far as a second processing time greater 
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than the first processing time, it is obvious in the art that a key which is longer requires a 
longer time to process. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BRANDON S. HOFFMAN whose telephone number is 
(571)272-3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser G. Moazzami can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Brandon S Hoffman/ 

Primary Examiner, Art Unit 2136 



